CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.

Phoenix, AZ
Joined July 2009
Dev Summit at @appsecusa is packed!
Here's some of the hard-working @appsecusa team. I'm around all week, say hello!
For the roles I hire, it's a degree, or equivalent experience. Lots of talented folks without degrees.
Jan 30-31 for conference, Jan 29 for training: 2018.appseccalifornia.org/in… cc @RAGreenberg
Replying to @Modiphius
Page 11 has a sentence that was cut off: "To assess his condition, the Player Characters will need to perform a scan with a medical"
True for non-Infosec experiences as well. That jar of tongue depressors in your doc office, the salt shaker at the restaurant, etc.
Replying to @selenakyle
Earlier is better, with multiple check-ins. Minimum 3: ideation, wire-frame, just prior to release. For all stakeholders, not just security.
If that's your threat model, then use a hidden encrypted volume. You can give up the password to the decoy volume: linuxvoice.com/hidden-encryp…
Speaks to the larger issue that companies believe accountability for security rests solely on the InfoSec team.
Seems perverse that the Equifax CSO and CIO had to retire and are replaced by IT VPs. Operationally, IT owns patching and failed to do so.
Replying to @mikewest
Ease of returns has me shopping locally, typically at Costco, for something like that. Or I'll order online from a local store.
[Unverified] Partial SOP Bypass in every browser - something to keep an eye on. lists.w3.org/Archives/Public…
Replying to @matthew_d_green
Computers are so much faster than 20 years ago, yet they don't feel faster. Part of why sales have slowed: no reason to get a new one.
Replying to @dougturner
Totally agree and was wonderful to see in action - something to strive for.
Replying to @dougturner
She likely has never heard of Sikhism. This follow-up statement is awesome: m.huffingtonpost.ca/2017/09/…
I was joking that a benevolent hacker could exploit the vuln, then with that access, patch the vuln for the owner.
Too bad it's illegal to patch them using RCE.
Replying to @__apf__
When I lived in Europe, I had little junk mail. Now I'm back in the States and I get it every day. Not sure why the difference...